Skip to content

fix(coverity-api): add support for RESOURCE_LEAK quality findings#14749

Merged
mtesauro merged 1 commit into
DefectDojo:bugfixfrom
Jino-T:coverity-resource-leak-bugfix
Apr 30, 2026
Merged

fix(coverity-api): add support for RESOURCE_LEAK quality findings#14749
mtesauro merged 1 commit into
DefectDojo:bugfixfrom
Jino-T:coverity-resource-leak-bugfix

Conversation

@Jino-T
Copy link
Copy Markdown
Contributor

@Jino-T Jino-T commented Apr 24, 2026
edited
Loading

[sc-12941]

Summary

  • Extends the Coverity API parser to import RESOURCE_LEAK findings where displayIssueKind is Quality, in addition to the existing Security findings
  • All other Quality checkers (e.g. NULL_RETURNS, FORWARD_NULL) remain excluded
  • RESOURCE_LEAK findings are parsed with the same fields as security findings: title, severity, cwe, file_path, date, unique_id_from_tool, nb_occurences, active/verified

Test plan

  • Updated existing tests to reflect new finding counts across few_findings.json, few_findings_triaged_as_bug.json, and few_findings_mitigated.json
  • Added assertions verifying RESOURCE_LEAK finding fields (title, severity High, CWE 404, file path, date, active/verified state)
  • Added new fixture only_non_resource_leak_quality.json (NULL_RETURNS/FORWARD_NULL only) so the test_parse_only_quality test continues to assert 0 findings for non-RESOURCE_LEAK quality checkers
  • All 6 unit tests pass

🤖 Generated with Claude Code

@Jino-T @claude
feat(coverity-api): add support for RESOURCE_LEAK quality findings
de13ba7 
Extend the Coverity API parser to import findings with checker
RESOURCE_LEAK and displayIssueKind Quality, in addition to the
existing Security findings. Update tests to reflect the new counts
and add assertions covering RESOURCE_LEAK field values.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@valentijnscholten valentijnscholten added this to the 2.58.0 milestone Apr 27, 2026
mtesauro
mtesauro approved these changes Apr 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@mtesauro mtesauro merged commit 97c0e27 into DefectDojo:bugfix Apr 30, 2026
156 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtesauro mtesauro mtesauro approved these changes

@valentijnscholten valentijnscholten valentijnscholten approved these changes

@paulOsinski paulOsinski paulOsinski approved these changes

@Maffooch Maffooch Maffooch approved these changes

Assignees

No one assigned

Labels

parser unittests

Projects

None yet

Milestone

2.58.0

Development

Successfully merging this pull request may close these issues.

5 participants

@Jino-T @mtesauro @valentijnscholten @paulOsinski @Maffooch